Get Puppet Enterprise First 10 nodes are free!
Try it now
Request a demo
Automate IT and infrastructure, manage complex workflows, and mitigate risk at scale.
Try the full-featured Puppet Enterprise for free on 10 nodes.
Puppet Comply Find and prevent compliance failures
Compliance Enforcement Modules Remediate to stay in compliance
Continuous Delivery for Puppet Enterprise Build, test, and deploy infrastructure as code faster and easier
Content & Modules Pre-built scripts to automate common tasks
CentOS EOL Here’s how to secure your CentOS infrastructure – even after EOL.
Find thousands of component modules built by the community and guidance on using them in your own infrastructure.
Visit Puppet Forge >>
Open Source PuppetPerfect for individuals and small infrastructure
BoltAutomate tasks in orchestration workflows
See all open source projects >>
Contribute to open source projects >>
Providing cybersecurity resilience is important to Puppet. Here, we share guidance on cybersecurity resilience using Australia as an example.
Table of Contents:
You only have to read regular news reports about the multiple outages across household names in banking and financial services, resulting in customers being unable to access their bank accounts, to know that cybersecurity resilience has never been more important and is on every organization’s radar.
The threat of regulatory action, heavy fines, and the potential loss of banking licenses is very real. As a result, companies are investing in their digital infrastructures to prevent data breaches, tech failures, and system outages.
Maintaining trust and integrity in the financial system is paramount. The Australian Securities and Investments Commission (ASIC) is working with Industry and other Regulators to support enhanced cyber resiliency and security in line with the Government’s commitment to mitigating cybersecurity risks. They are driving industry readiness and compliance with standards set by law reform initiatives and through the use of regulatory tools aimed at improving consumer outcomes.
In my role at Puppet, I regularly meet clients who aim to enhance their technology security posture in response to cyber threats and to remain aligned to Australian Signals Directorate (ASD) guidelines and evolving industry best practices.
The ASD is responsible for foreign signals intelligence, support to military operations, cyber warfare, and information security, and has a long history of cybersecurity excellence. They lead the Australian Government’s efforts to improve cybersecurity to help make Australia an extremely secure place to connect online. Their parent agency is the Department of Defence.
Based within the ASD is the Australian Cyber Security Centre (ACSC) who have published the Essential Eight, a series of baseline mitigation strategies taken from the Strategies to Mitigate Cyber Security Incidents recommended for organisations. Implementing these strategies as a minimum makes it much harder for adversaries to compromise systems.
The federal government is set to mandate the Essential Eight cybersecurity controls for all 98 non-corporate Commonwealth entities. This is a big deal for anyone in banking and government.
In the 2020-21 financial year, ACSC has responded to 1,630 cybersecurity incidents, and a high proportion of these incidents were categorised as “category four” or “substantial in impact.” ACSC triages cybersecurity incidents based on the severity of impact and extent of compromise using six categories, with “category one” — or incidents that impact national security, essential services and critical infrastructure — being the worst. This is a change from the previous financial years, when the highest proportion was at category five. ACSC have said this was partially due to “obligations to report significant cybersecurity incidents to the ACSC” and “may not necessarily reflect an increased susceptibility.”
Cybersecurity is becoming more of a priority for company leaders than ever before. Four in 10 (39%) organisations are putting cybersecurity on their board agendas quarterly, up from 29% in 2020.
With the pandemic and increased remote work contributing to a rise in cyber attacks, it’s more important than ever for IT teams to know what risks their organisations are facing and how to address them correctly. CISOs and other security leaders are struggling with inadequate budgets, regulatory fragmentation, and disconnection with the functions that need them the most. These results are detailed in EY's Global Information Security Survey 2021 (GISS).
Understanding how Puppet adds value to this is becoming the number 1 topic on agendas across my client base. Knowing how crucial this is to my client’s business, I summarise below a high level synopsis of how Puppet hardens the cybersecurity posture of customers.
Not using Puppet yet? Try Puppet Enterprise today!
START MY TRIAL
Senior Principal Account Director, Puppet
Elizabeth Williams is a Senior Principal Account Director for Puppet.